package com.gxgeek.spring.security.securitybrowser;

import com.gxgeek.spring.security.securitybrowser.authentication.GxgeekAuthenticationFailHandler;
import com.gxgeek.spring.security.securitybrowser.authentication.GxgeekAuthenticationSuccessHandler;
import com.gxgeek.spring.security.securitycore.properties.SecurityConstants;
import com.gxgeek.spring.security.securitycore.properties.SecurityProperties;
import com.gxgeek.spring.security.securitycore.validate.ValidateCodeFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;

import javax.annotation.Resource;
import javax.sql.DataSource;

/**
 * @author gaoxing
 * @create 2017-10-09 上午10:54
 */
@Configuration
public class BrowserSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    SecurityProperties securityProperties;

    @Autowired
    GxgeekAuthenticationSuccessHandler successHandler;
    @Autowired
    GxgeekAuthenticationFailHandler failHandler;
    @Resource(name = "validateCodeFilter")
    private ValidateCodeFilter validateCodeFilter;
    @Autowired
    private DataSource dataSource;
    @Autowired
    private UserDetailsService userDetailsService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class)
            .formLogin()
//            .loginPage("/gx-signIn.html")
                .loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
                //指定登录页面  使用过滤器链
    //            .loginProcessingUrl("/gx-signIn.html")
                .loginProcessingUrl(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
                .successHandler(successHandler)
                //失败处理器
                .failureHandler(failHandler)
            //记住我功能配置
            .and().rememberMe()
                .tokenRepository(tokenRepository())//配置token 数据库操作
                .tokenValiditySeconds(securityProperties.getBrowser().getRemeberMeSecondes())//token有效时间
            .and()
            .authorizeRequests()
                //忽略对登录页的权限校验
                .antMatchers(
                    SecurityConstants.DEFAULT_UNAUTHENTICATION_URL,
                    "/imooc-sign.html",
                    securityProperties.getBrowser().getSignInUrl(),
                    "/code/*")
                    .permitAll()
                .anyRequest().authenticated()
            .and().csrf().disable();
//        super.configure(http);
    }



    // 配置加密算法实现类
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    //RemberMe  功能Repository
    @Bean
    public PersistentTokenRepository tokenRepository(){
        JdbcTokenRepositoryImpl tokenRepository = new JdbcTokenRepositoryImpl();
        tokenRepository.setDataSource(dataSource);
        //启动时  创建脚本
//        tokenRepository.setCreateTableOnStartup(true);
        return tokenRepository;
    }

}

